Personal data protection applied in the ANIA website

Privacy policy

ANIA Site

The following information is provided, inter alia, pursuant to Articles 13 and 14 of the EU Regulation No. 679/2016 ("GDPR") and the national adapting legislation (jointly with the GDPR "Privacy Legislation") to users who use the services accessible from the web address www.ania.it.

During consultation of the site, information concerning users that constitutes personal data within the meaning of the Privacy Legislation may, in fact, be collected. The term personal data refers to the definition contained in Article 4 in point 1) of the GDPR i.e., "any information relating to an identified or identifiable natural person ("data subject"); an identifiable person is any natural person who can be identified, directly or indirectly, by reference in particular to an identifier such as a name, an identification number, location data, an online identifier, or to one or more characteristic elements of his or her physical, physiological, genetic, mental, economic, cultural or social identity" ("Personal Data").

The GDPR requires that, before processing Personal Data-that is, according to the relevant definition in Article 4 (2) of the GDPR, "any operation or set of operations which is performed with or without the help of automated processes and applied to personal data or sets of personal data, such as collecting, recording, organizing, structuring, storing, adapting or modifying extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, restriction, erasure or destruction" ("Processing") - it is necessary that the person to whom such Personal Data belongs be informed about the reasons why such data is required and how it will be used.

In this regard, the purpose of this document is to provide, in a simple and intuitive manner, all the useful and necessary information so that the user can give his or her Personal Data in a conscious and informed manner and, at any time, request and obtain clarifications and/or corrections.

This Information Notice, therefore, has been drafted on the basis of the principle of transparency and all the elements required by Article 13 of the GDPR and is divided into individual sections each of which deals with a specific topic in order to make reading quicker, easier and easier to understand ("Information Notice"). The Disclosure is provided exclusively for the aforementioned site and does not cover any other sites that can be reached by the user through links that may be present on the same.

DATA CONTROLLER

The data controller of personal data is ANIA - Associazione Nazionale fra le Imprese di Assicurazione - with headquarters in Rome (Italy), Via di San Nicola da Tolentino, no. 72 - 00187 (RM) and representation in Milan, Via Aldo Rossi 4, 20149 (MI).

The Data Controller, in order to perform support and control functions regarding the application of EU Regulation No. 679/2016, has appointed a Data Protection Officer (i.e., Data Protection Officer), who can be contacted at the email address [email protected]

TYPES OF DATA PROCESSED AND PURPOSES OF PROCESSING

  1. NAVIGATION DATA

The computer systems and software procedures used to operate this website acquire, during their normal operation, some Personal Data of users who connect to the site and whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected in order to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow the said users to be identified.

This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.

This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check that it is working properly. The data could be used to ascertain responsibility in case of computer crimes against the site: except for this eventuality, at present the data on web contacts do not persist for more than seven days. 

In any case, the transfer of data to non-EEA countries is excluded.

Data provided voluntarily by the user

Sending electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.

In addition, the user, if a member (Member) of ANIA, will be able to access the restricted area through the following link https://www.extranet.ania.it, by entering their authentication credentials (username and password). More information is contained in the disclosure included therein.

Where necessary, specific summary disclosures will be shown or displayed on pages of the site that may be prepared for particular on-demand services.

Voluntarily Providing Data

With the exception of navigation data, users are free to provide their Personal Data in order to request the sending of informative material or other communications. Their non-conferral, therefore, may result in the impossibility of obtaining what has been requested.

Communication and Circulation of Data

Personal Data may be disclosed to specific entities considered recipients of such Personal Data. In fact, Article 4 at point 9) of the GDPR, defines as the recipient of a Personal Data "the natural or legal person, public authority, service or other body that receives communication of personal data, whether or not it is a third party" ("Recipients"). With this in mind, in order to properly carry out all the Processing activities necessary to pursue the purposes set forth in this Notice, the following may be in a position to process your Personal Data: (i) third parties who carry out part of the Processing activities and/or activities related and instrumental to the same on behalf of the Data Controller. Such parties have been appointed as data processors; (ii) individuals, employees and/or collaborators of the Data Controller, who have been entrusted with specific and/or more Processing activities on Personal Data and who have been given specific instructions regarding the security and proper use of Personal Data; and (iii) where required by law or to prevent or suppress the commission of a crime Personal Data may be disclosed to public entities or judicial authorities without these being defined as Recipients. In fact, according to Article 4 at point 9), of the GDPR, "public authorities that may receive communication of Personal Data in the context of a specific investigation in accordance with the law of the Union or Member States are not considered Recipients."

Under no circumstances will the collected data be circulated.

Rights of Data Subjects

You may exercise the rights recognized by the Privacy Regulations including, but not limited to, the right (i) to access your Personal Data (and to know its origin, the purposes and purposes of its processing, the data of the persons to whom it is communicated, the period of data retention or the criteria useful to determine it), (ii) to request its rectification, (iii) its deletion ("oblivion"), if no longer necessary incomplete, erroneous or collected in violation of the law, (iv) to request that the processing be limited to a part of the information about you; (v) to the extent technically feasible, to receive in a structured format or to transmit to you or to third parties indicated by you the information about you (c. d. "portability"). In this case, it will be your responsibility to provide us with all the exact details of the new data controller to whom you intend to transfer your Personal Data by providing us with written authorization; (vi) to revoke your consent at any time, in the event that it forms the basis of the processing. Revocation of consent, however, will not affect the lawfulness of the processing based on the consent carried out prior to the revocation.

The aforementioned rights may be exercised by means of a written request addressed without formality to the Data Controller at the office indicated above or by sending a communication to the following e-mail address: [email protected].

The right to lodge a complaint with the Guarantor Authority for the Protection of Personal Data - Piazza Venezia n. 11, Rome, Italy, is in any case granted without prejudice.

  1. COOKIE POLICY

This document provides detailed information on the use of cookies and similar technologies, how they are used within the site (hereinafter, the "Site"), and how they are managed.

This Site uses cookies and similar technologies to ensure the proper functioning of procedures, as well as - subject to consent - to improve the user's browsing experience and carry out profiling activities for commercial purposes. You may at any time revoke your consent or change your preferences.

The information on the use of cookies by the owner of this Site is part of ANIA's broader Privacy Policy.

Cookies

Cookies are text strings ("data files") that contain packets of information that are stored on a data subject's computer or mobile device every time the data subject visits a website through a browser. On each subsequent visit, the browser sends these cookies to the website that originated them or to another website to improve the website's offerings and usability.

Cookies are used for different purposes, have different characteristics, and can be used either by the owner of the site you are visiting ("first party") or by third parties ("third parties").

Cookies may be stored for different periods of time depending on the purpose for which they are processed, possibly also by third-party companies, in accordance with the time-to-time applicable privacy regulations. Temporary first-party session cookies are active for the duration of the session (they are then destroyed to be recreated at the next login), permanent first-party cookies have a validity period of up to 24 months, while for third-party cookies the retention period is indicated by the third parties on the relevant websites.

- Necessary technical cookies

Technical cookies allow the performance of activities strictly related to the operation of the Site, making it possible to connect and transmit data between the user and the site. These cookies are usually set in response to actions performed by the user that constitute a request for services (e.g. setting privacy preferences, accessing a restricted area or filling out registration forms) or for aggregate and anonymous statistical purposes of Site use. The installation of technical cookies does not require the user's prior consent, but please note that in your browser settings you can authorize, limit or block cookies. However, if you set your device to reject these cookies, some of the Site's services may not display properly or may not function optimally.

In particular, this Site uses the following necessary technical cookies:

Name

Purpose

Conservation period

Cookie’s type

__cf_bm

Distinguishing between humans and robots. This is useful for the website, in order to make valid reports on site usage.

1 day

first party

CONSENT

Detect whether the visitor has accepted the marketing category in the cookie banner. This cookie is required for GDPR compliance of the website.

24 months

Third party

CONSENT

Detect whether the visitor has accepted the marketing category in the cookie banner. This cookie is required for GDPR compliance of the website

24 months

Third party

COOKIE_SUPPORT

Determining whether the site accepts cookies

12 months

first party

JSESSIONID

Preserving user states on different pages of the site

Session

first party

ROUTEID

Optimize the response rate between the user and the site by distributing or the traffic load over multiple network links or servers. It is used in context with load balancing

Session

first party

GUEST_LANGUAGE_ID

Determine the visitor's preferred language. Allows the website to set the preferred language when the visitor returns.

12 months

First party

 

- Profiling cookies

These cookies may be set through our site by our advertising partners to create a profile of your interests and show you relevant ads on other sites. Your prior consent is required for the installation of such cookies.

In particular, this Site uses the following profiling cookies:

Name

Purpose

Periodo di conservazione

Cookie’s type

VISITOR_INFO1_LIVE

Try to estimate the speed of the user's connection on pages with embedded YouTube videos

6 months

Third party

YSC

Record a unique ID used to generate statistical data on how the visitor uses the website

Session

Third party

ytidb::LAST_RESULT_ENTRY_KEY

Store user's video player preferences using embedded YouTube video

Persistent

Third party

yt-remote-cast-available

Store user's video player preferences using embedded YouTube video

Session

Third party

yt-remote-cast-installed

Store user's video player preferences using embedded YouTube video

Session

Third party

yt-remote-connected-devices

Store user's video player preferences using embedded YouTube video

Persisten

Third party

yt-remote-device-id

Store user's video player preferences using embedded YouTube video

Persisten

Third party

yt-remote-fast-check-period

Store user's video player preferences using embedded YouTube video

Session

Third party

yt-remote-session-app

Store user's video player preferences using embedded YouTube video

Session

Third party

yt-remote-session-name

Store user's video player preferences using embedded YouTube video

Session

Third party

Optional Providing of Data

The provision of data by the user is optional in nature. Except for technical cookies, as seen, the user browsing the Site consents to the provision of data via cookies if he or she performs one of the following actions:

  • by clicking on the Accept All Cookies button found within the banner;
  • by clicking on the Customize button and selecting the individual categories of cookies;

Data Subject Rights

In addition to the provisions of the ANIA privacy policy, to which reference is made, as for cookies, consent can be revoked at any time within the site in the cookie policy settings.

In addition, the user can set his or her browser in such a way as to receive a warning of the presence of a cookie and then decide whether to accept or reject it. He or she may also delete said cookies through the features made available by each browser for Internet access. In this regard, we provide below links to the policies of the main browsers for more information on disabling cookies:

Internet Explorer: http://windows.microsoft.com/it-it/windows7/block-enable-or-allow-cookies
Google Chrome:
https://support.google.com/chrome/answer/95647?hl=it-IT&p=cpn_cookies
Mozilla Firefox:
https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie
Apple Safari:
https://www.apple.com/legal/privacy/it/cookies
Firefox:
https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Opera:
http://help.opera.com/Windows/10.00/it/cookies.html
Safari:
http://support.apple.com/kb/HT1677?viewlocale=it_IT

***

This document, published at www.ania.it is an expression of the data protection policy applied by ANIA on this site, which is subject to constant review and updating.